Commit graph

637 commits

Author SHA1 Message Date
fr33domlover
f07b56c259 Implement getOutboxItemR, serving AS2 and basic HTML 2019-05-18 10:09:47 +00:00
fr33domlover
6d304b9307 Smarter treatment of recipients that are collections
- Allow client to specify recipients that don't need to be delivered to
- When fetching recipient, recognize collections and don't try to deliver to
  them
- Remember collections in DB, and use that to skip HTTP delivery
2019-05-17 22:42:01 +00:00
fr33domlover
48882d65ad Allow AP C2S client to list recipients that aren't actors to deliver to 2019-05-17 10:47:53 +00:00
fr33domlover
1f7ceada64 stack.yaml: List custom deps as extra-deps, not as packages 2019-05-16 21:23:25 +00:00
fr33domlover
07281f6900 Fix infinite loop in ActivityPub audience parsing 2019-05-16 21:22:45 +00:00
fr33domlover
b12ad49b62 Remove unused accidentally left line 2019-05-16 21:21:51 +00:00
fr33domlover
ebc3f016b6 In outbox POST handler logging, fix the display of OutboxItemId number 2019-05-12 20:24:33 +00:00
fr33domlover
e4fe83c163 stack.yaml: List yesod-auth-account under extra-deps using the new syntax 2019-05-12 00:17:56 +00:00
fr33domlover
f84a736177 Grab esqueleto 2.7.0 extra dep instead of pulling from githu8 2019-05-11 23:01:13 +00:00
fr33domlover
d70d34bb6b Debug logs for periodic delivery 2019-05-11 22:26:06 +00:00
fr33domlover
48cfccd3d2 Use forkFinally in ResultShare to be sure we always catch exceptions & set MVar 2019-05-10 21:33:08 +00:00
fr33domlover
f88dcef0d7 Do some debug logging during delivery in outbox POST handler 2019-05-10 20:38:55 +00:00
fr33domlover
770983e829 In outbox POST handler, run async delivery using Worker instead of Handler
Worker is enough and seems much simpler. forkHandler does stuff with
forkResourceT and more stuff that I don't exactly understand and which may
involve more resource allocation. I guess forkWorker would generally be the
preferred approach, and there are bugs with delivery leading to sudden
CPU/memory peaks forcing me to kill the process. Maybe not related, just
mentioning it ^_^
2019-05-10 04:36:21 +00:00
fr33domlover
e29053145f Log errors for linked delivery from outbox, both in handler and periodic 2019-05-09 23:09:34 +00:00
fr33domlover
635952a797 When parsing a LocalURI, use a *valid* dummy host
The previous dummy host was "h", which doesn't contain periods, so the `FedURI`
parser rejects it.
2019-05-09 22:03:19 +00:00
fr33domlover
273fcf972f When delivering activities, sign the Digest header
Looks like I forgot to add it to the list of headers to sign
2019-05-09 21:26:33 +00:00
fr33domlover
ddb6bb0472 When publishing a comment via PublishR, don't specify 'published' time
The server expects not to see it, and wants to set it by itself
2019-05-07 03:12:47 +00:00
fr33domlover
0e4070db75 In ticket discussion, have links to the individual messages (MessageR route) 2019-05-07 02:54:45 +00:00
fr33domlover
9bc78bf303 When posting ticket comment in regular UI, don't specify published time
The outbox handler wants to set it, and it expects it not be set by the client.
2019-05-07 01:51:21 +00:00
fr33domlover
08ca211842 Switch from persistent-parser to my own parser module
My parser doesn't support default=, and I think it's safe to assume nobody is
running an instance whose DB schema version is one of those first 5 where
default= exists, so I'm remvoing it from the original 2016 model file. The
unset-default migrations remain, and I checked in `psql` that PostgreSQL
accepts the operation on columns that don't have a default value. If it turns
out to be a problem, I can replace those migrations with no-op ones.
2019-05-07 00:58:44 +00:00
fr33domlover
a6bfb0cf36 Show note about federation being disabled, and list other known instances 2019-05-05 22:00:26 +00:00
fr33domlover
6bba8ff47f Fix breadcrumb of TicketMessageR 2019-05-05 21:02:26 +00:00
fr33domlover
25a8ea6b8b Reorder routes to correct the route resolution 2019-05-05 20:51:48 +00:00
fr33domlover
b4afa2d086 Fix layout bug in homepage 2019-05-05 15:39:14 +00:00
fr33domlover
c48004d8e3 Fix typo in INSTALL.md 2019-05-05 15:38:43 +00:00
fr33domlover
67a77b1897 In layout header, link to federation status info page 2019-05-05 11:36:10 +00:00
fr33domlover
0a60d65e0e Explain current federation status in FEDERATION.md new file 2019-05-05 11:15:51 +00:00
fr33domlover
c6eaf7cccc In personal overview page, add link to personal inbox 2019-05-05 11:14:23 +00:00
fr33domlover
8303baa69d Implement GETing the personal inbox 2019-05-05 10:20:55 +00:00
fr33domlover
f6eaca2fa8 When project receives remote ticket comment, add author to followers 2019-05-03 23:55:49 +00:00
fr33domlover
5770c62692 Plug the project inbox handler code into the actual POST handler function 2019-05-03 23:18:57 +00:00
fr33domlover
b0a26722d3 Do inbox forwarding in project inbox handler 2019-05-03 21:04:53 +00:00
fr33domlover
5d5c56695e Remember for deliveries in the DB, whether they should sign forwarding 2019-05-02 09:31:56 +00:00
fr33domlover
93cf861ed0 When delivering a comment on a remote ticket, enable inbox forwarding
In the new inbox forwarding scheme, we use an additional special HTTP signature
to indicate that we allow or expect forwarding, and to allow that forwarding to
later be verified. When delivering a comment on a remote ticket, we'd like the
project to do inbox forwarding. Based on the URI alone, it's impossible to tell
which recipient is the project, and I guess there are various tricks we could
use here, but for now a very simple solution is used: Enable forwarding for all
remote recipients whose host is the same as the ticket's host.
2019-05-02 02:06:47 +00:00
fr33domlover
3d9438714b In sharer inbox, accept forwarded activities, including ones of local users 2019-05-01 23:13:22 +00:00
fr33domlover
f789a773e4 Stop using YesodHttpSig, move code from Foundation to Federation 2019-04-29 07:39:20 +00:00
fr33domlover
951364036f Update activity POSTing code to use the new forwarding mechanism
It's not documented yet, but basically I replaced the custom input string with
an HTTPSig based one.
2019-04-28 10:18:50 +00:00
fr33domlover
1fcec035f0 Do some checks on the host in FedURI parsing
Until now, there were some simple host checks when verifying the HTTP sig,
meant to forbid hosts that are IP addresses, local hosts, and maybe other weird
cases. These checks moved to Network.FedURI, so now FedURIs in general aren't
allowed to have such hosts. The host type is still `Text` though, for now.
2019-04-28 09:47:32 +00:00
fr33domlover
342467297a Put inbox activity auth code in a dedicated function in Vervis.Federation 2019-04-26 21:41:01 +00:00
fr33domlover
9d5399d636 Give project actors signing keys, just like user actors, needed for forwarding
Since project actors are the ones sending inbox forwards, they need to announce
keys and allow their HTTP Signatures to be verified.
2019-04-26 13:04:00 +00:00
fr33domlover
811217fd17 Return keyid and digest after inbox verification, for use in forwarding 2019-04-26 04:15:07 +00:00
fr33domlover
f346da9106 New module Yesod.ActivityPub, use it in Vervis.Federation for delivery POSTing 2019-04-26 03:23:49 +00:00
fr33domlover
71d21ad459 In httpPostAP, support the new signature headers 2019-04-26 00:25:50 +00:00
fr33domlover
46fb4d1512 Add settings switch for activity debug reports 2019-04-25 22:46:27 +00:00
fr33domlover
d24710c46a When receiving activity to inbox, verify the body digest
This patch does a small simple change, however at the cost of the request body
not being available for display in the latest activity list, unless processing
succeeds. I'll fix this situation in a separate patch.
2019-04-25 18:05:02 +00:00
fr33domlover
57374ec816 When POSTing activities, set a Digest header using SHA-256 2019-04-25 15:49:15 +00:00
fr33domlover
825a91d185 Incomplete project inbox handler 2019-04-24 00:47:21 +00:00
fr33domlover
f462a67680 Implement sharer inbox handler
It runs checks against all the relevant tables, but ultimately just inserts the
activity into the recipient's inbox and nothing more, leaving the RemoteMessage
creation and inbox forwarding to the project inbox handler.
2019-04-23 02:57:53 +00:00
fr33domlover
e06f40b665 Switch from single inbox to individual inbox URIs; disable inbox post for now
Inbox post is disabled but in the next patches I'll code and integrate a fixed
complete one, hopefully finally getting ticket comment federation ready for
testing.

I'm making this change because if an actor receives an activity due to being
addressed in bto, ot bcc, or being listed in some remote collection, the server
doesn't have a way to tell which actor(s) are the intended recipients, without
having an individual inbox URL for each actor. I could use a different hack for
this, but it wouldn't be compatible with other AP servers (unless the whole
fediverse agrees on a method).

I wasn't using sharedInbox anyway, and it's an optimization either way.
2019-04-21 10:58:57 +00:00
fr33domlover
f7f15e0f63 When sending ticket comment in regular Vervis UI, deliver it using ActivityPub 2019-04-20 21:34:45 +00:00